You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Avg A/v Now Says My Ad-aware Se Install .exe Is Trojan!

Okay, two days ago, I downloaded Ad-Aware SE Build 1.06r1 (Updated) from Softpedia, and the file is almost twice the size (4.62 MB) as the regular SE Build 1.06r1. I'm guessing this new version has some fix for the people who weren't able to use the auto-updater for the definition updates any more (it stopped working -- mostly Earthlink people, I think). Here's the link:http://www.softpedia.com/progDownload/AdAw...load-13916.html

I downloaded the Softpedia Secure Download (RO) (Romania) because the US one was really slow for me on dial-up (stop and start).

I'm 95% sure I scanned it with AVG A/V free at the time, and it was fine. However when I merely opened my downloads folder today that had the file in it, AVG A/V suddenly popped up and said it was a TrojanHorse Downloader! Well, I freaked out, tried to get more info, but wasn't connected to the internet, the accidentally blocked AVG from connecting to the internet in ZA (besides I think it uses IE, because my default is Firefox, but the window that popped up that couldn't connect had an IE icon in it), then it had some kind of timer counting down in the AVG window, so I had to make a choice, and I accidentally hit "heal". It said it healed it, but what it did was delete the file from my computer (I assume -- it was no longer in the folder and not in the trash).

So, being curious, I popped in the cd I had all my downloaded programs on and scanned it with AVG A/V -- and, lo and behold, it flagged the same file on the cd the same way. This time I chose to put it in the virus vault -- the icon changed for a generic one for the program on the cd (obviously it couldn't delete it since it was on a cd) and I just popped the cd back out.

I went to AVG A/V Virus Vault and apparently it had also put the first one in there (or a copy of it) because it says it can't be healed. Here's the info from the Virus Vault on each:

First one, which was on my hard drive that I "healed":

Under the "T" column, it has a blue box with an exclamation point in it

...except this time, I didn't even have to scan -- AVG A/V immediately popped up once the file was done downloading. So I chose to move it to the Virus Vault like the last one. However, I'm not sure why this is only 2.32MB -- either the download crapped out or at some point flagged it before it finished downloading? (It did suddenly seem to finish awfully fast, then AVG immediately popped up.)

[Note: For some reason, I had to restart my computer according to AVG in order to carry out either the first or second one above -- I don't remember which. But it was only that way with one of them. Normal?]

Questions:

1. What the heck is going on? Obviously, there was some update to AVG that made this file get flagged this way when two days ago it didn't.

2. What do I do now? Do I wipe all three objects? Empty the virus vault? What?

3. Is this probably a false positive?

4. Should I not install this "(Updated)" version of Ad-Aware SE and just use my old program version with the updating problem? (I can still manually download definitions and put them in the program folder.)

5. I'm going to scan my laptop with the A/V now -- but do I have to scan also in "safe mode"? That'll take like three or more hours!

6. I placed the contents of that cd (which included that file) on the desktop of my new laptop (which does not have A/V yet). I have not installed the program or anything. Can I just go on there and delete the file from the desktop and call it good? If it is bad, it can't infect or do anything unless it's executed, right?

7. Does this mean, in any way, that the other programs I had on the cd (or in the folder with this one) are effected in any way? Or are they okay to continue to install/use? (I have already used two programs on the new laptop from that cd which also contains this Ad-Aware file -- PC Decrapifier and Norton Removal Tool -- is that an issue now for my new laptop?)

Man, it's one thing after another...

First that "music_now" thing and now this...

Please let me know, as my stress level is continuing to rise from all this computer stuff...

I just downloaded Ad-Aware Personal from Lavasoft, and I got the same virus warning from AVG. I'd also like to know if it's a trojan or a false positive. Has Lavasoft been hacked?

Well, if that was the case, it would have had to of happened awhile back, I'd think, because the files at Softpedia are dated (I think) from April (at least, that's what it says was when the file was last updated). But, as I posted, the file was *not* flagged as such two days ago. Only starting today.

If I hear anything about it, I'll certainly post. In the meantime, hopefully we'll get some of the experts to stop by and fill us in and answer my ridiculously detailed and meticulous questions, and ease my extreme worrying!

Good to know -- thanks! I'll wait until morning to proceed. At least I've still got the file on my cd and don't have to redownload. And the fact that it's happening with various versions of Ad-Aware is a good sign!

Thanks for the piece of mind. If anyone gets any updates, please post. I'll also monitor that lavasoft thread.

Any idea how fast AVG will fix this issue? I'm hesitant to put it on the new laptop because of it catching the Ad-Aware .exe I've got on there (though I guess I can just delete it for now), but I've got to get this new laptop going because the days are running out before I have to decide if it's going to work out (as I'm having other issues with it). Thanks!

From what I read, it looks like AVG is flagging the installer, not the program.Disconnect from the internet, disable AVG, install Ad-Aware, burn the installer to a disc (if you want to save it, otherwise delete it), delete Ad-Aware installer from harddrive, then re-enable AVG.

I too had downloaded Ad-Aware a couple of days previously for another computer without any problems. Good to know that it's a false positive, which is what I suspected, but did not want to install it until it was confirmed. I told AVG to ignore it, so all should now be well.